authorDamien Miller <djm@mindrot.org>2005-03-01 21:24:33 +1100
committerDamien Miller <djm@mindrot.org>2005-03-01 21:24:33 +1100
commitf91ee4c3def4de8b4b9409f07ab26a61e535e1e6 (patch)
tree92d9f883c3c34f0d80b49a7855dcc2514798cf02 /auth-options.c
parent1717fd422f2c5691d745a7daf6908df9a6458904 (diff)
- djm@cvs.openbsd.org 2005/03/01 10:09:52
[auth-options.c channels.c channels.h clientloop.c compat.c compat.h] [misc.c misc.h readconf.c readconf.h servconf.c ssh.1 ssh.c ssh_config.5] [sshd_config.5] bz#413: allow optional specification of bind address for port forwardings. Patch originally by Dan Astorian, but worked on by several people. Adds GatewayPorts=clientspecified option on server to allow remote forwards to bind to client-specified ports.
Diffstat (limited to 'auth-options.c')
-rw-r--r--auth-options.c28
1 files changed, 16 insertions, 12 deletions
diff --git a/auth-options.c b/auth-options.c
index 0e146ab15..04d12d66e 100644
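--- a/auth-options.c
+++ b/auth-options.c
@@ -10,7 +10,7 @@
  */
 
 #include "includes.h"
-RCSID("$OpenBSD: auth-options.c,v 1.28 2003/06/02 09:17:34 markus Exp $");
+RCSID("$OpenBSD: auth-options.c,v 1.29 2005/03/01 10:09:52 djm Exp $");
 
 #include "xmalloc.h"
 #include "match.h"
@@ -217,7 +217,7 @@ auth_parse_options(struct passwd *pw, char *opts, char *file, u_long linenum)
  }
  cp = "permitopen=\"";
  if (strncasecmp(opts, cp, strlen(cp)) == 0) {
- char host[256], sport[6];
+ char *host, *p;
  u_short port;
  char *patterns = xmalloc(strlen(opts) + 1);
 
@@ -236,25 +236,29 @@ auth_parse_options(struct passwd *pw, char *opts, char *file, u_long linenum)
  if (!*opts) {
  debug("%.100s, line %lu: missing end quote",
  file, linenum);
- auth_debug_add("%.100s, line %lu: missing end quote",
- file, linenum);
+ auth_debug_add("%.100s, line %lu: missing "
+ "end quote", file, linenum);
  xfree(patterns);
  goto bad_option;
  }
  patterns[i] = 0;
  opts++;
- if (sscanf(patterns, "%255[^:]:%5[0-9]", host, sport) != 2 &&
- sscanf(patterns, "%255[^/]/%5[0-9]", host, sport) != 2) {
- debug("%.100s, line %lu: Bad permitopen specification "
- "<%.100s>", file, linenum, patterns);
+ p = patterns;
+ host = hpdelim(&p);
+ if (host == NULL || strlen(host) >= NI_MAXHOST) {
+ debug("%.100s, line %lu: Bad permitopen "
+ "specification <%.100s>", file, linenum,
+ patterns);
  auth_debug_add("%.100s, line %lu: "
- "Bad permitopen specification", file, linenum);
+ "Bad permitopen specification", file,
+ linenum);
  xfree(patterns);
  goto bad_option;
  }
- if ((port = a2port(sport)) == 0) {
- debug("%.100s, line %lu: Bad permitopen port <%.100s>",
- file, linenum, sport);
+ host = cleanhostname(host);
+ if (p == NULL || (port = a2port(p)) == 0) {
+ debug("%.100s, line %lu: Bad permitopen port "
+ "<%.100s>", file, linenum, p ? p : "");
  auth_debug_add("%.100s, line %lu: "
  "Bad permitopen port", file, linenum);
  xfree(patterns);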
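Review bot: The new host check in the permitopen branch, `if (host == NULL || strlen(host) >= NI_MAXHOST) {`, bounds the length but no longer requires a non-empty host, which the removed `%255[^:]` scan did. If `hpdelim()` (defined outside this file) can hand back an empty string for an entry that starts with the delimiter, the malformed restriction is stored instead of being reported as a bad option; consider `if (host == NULL || *host == '\0' || strlen(host) >= NI_MAXHOST) {`, and the same emptiness test after `cleanhostname()` if that can strip the host down to nothing. The port is likewise no longer limited to at most five decimal digits before `a2port(p)` sees it, so the range and trailing-character checks now rest entirely on `a2port()`, which is not visible here and is worth confirming. `auth_parse_options()` starts and ends outside these hunks.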